ciphers = subprocess.check_output(["openssl", "ciphers", spec]).decode('UTF-8').strip()
return ciphers.split(':')
-def test_cipher(host, port, protocol, cipher = None, options=[]):
+def test_cipher(host, port, protocol, cipher = None, wait_time=0, options=[]):
+ # throttle
+ time.sleep(wait_time/1000)
try:
if cipher is not None:
options = ["-cipher", cipher]+options
return True
def test_protocol(host, port, protocol, ciphers, base_frac, wait_time=0, options=[]):
- if test_cipher(host, port, protocol, options=options):
+ if test_cipher(host, port, protocol, wait_time=wait_time, options=options):
# the protocol is supported
results = OrderedDict()
for i in range(len(ciphers)):
cipher = ciphers[i]
print_progress(protocol+" "+cipher, base_frac+[(i, len(ciphers))])
- results[cipher] = test_cipher(host, port, protocol, cipher, options)
- # throttle
- time.sleep(wait_time/1000)
+ results[cipher] = test_cipher(host, port, protocol, cipher=cipher, wait_time=wait_time, options=options)
return results
else:
# it is not supported
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Check TLS ciphers supported by a host')
parser.add_argument("--starttls", dest="starttls",
- help="Use a STARTTLS variant to establish the TLS connection. Possible values include smpt, imap, xmpp.")
+ help="Use a STARTTLS variant to establish the TLS connection. Possible values include smpt, imap.")
parser.add_argument("--wait-time", "-t", dest="wait_time", default="10",
help="Time (in ms) to wait between two connections to the server. Default is 10ms.")
parser.add_argument("host", metavar='HOST[:PORT]',
projects / tls-check.git / blobdiff